package gx.base;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.AuthorizationFilter;
import org.springframework.stereotype.Component;

/**
 * shiro 任意角色过滤器
 * 
 * @author gx
 * 
 */
@Component
public class AnyRoleAuthorizationFilter extends AuthorizationFilter {

  @Override
  protected boolean isAccessAllowed(ServletRequest request,
      ServletResponse response, Object mappedValue) throws Exception {
    Subject subject = getSubject(request, response);
    String[] rolesArray = (String[]) mappedValue;
    if (rolesArray == null || rolesArray.length == 0) {
      // no roles specified, so nothing to check - allow access.
      return true;
    }
    for (String role : rolesArray) {
      if (subject.hasRole(role)) {
        return true;
      }
    }
    return false;
  }
}
